As part of my job here at Acunetix, from time to time I analyze source code looking for security problems. Using this information I adjust Acunetix WVS to detect these problems automatically (when it’s possible). Monday, I downloaded e107 from e107.org and started analyzing the…
Security is hard
The year debuted with ‘Operation Aurora’: Google and over 30 other companies were hit by a spear phishing attack which resulted in theft of intellectual property from Google and probably other companies. Spear phishing is a targeted form of phishing in which an e-mail message might look…
2009 Security News Update – PCI Council, Aweber, Adobe – Hacks and Cracks
Back for the last entry of 2009, here are the latest updates in the security world: Aweber announces its own incursion into its site, unnumbered amount of email addresses pilfered. AWeber was recently the victim of an intentional attack to mine email addresses. We’d like…
A Malicious Website Hacker Attacks – CitiGroup Denies Knowledge
While I try not to be so graphic with my comments, I can’t help but feel CSI-esque lately with all of these website hacker attacks. So here we go again. This time, it’s CITI. Just reported today by marketwatch.com, Citigroup’s stock sank significantly based…
Rockyou gets rocked by hackers and old exploit
Well, it has happened. This time, the users themselves have taken action against rockyou.com for their inadvertent disclosure of customer information. Hacker activity has meant Rockyou disclosed what looks like over 32,000,000 accounts. Yes, 32 Million! What is interesting about this case, for me anyways,…
An In-Depth Look at SQL Injection
SQL injection attacks are one of the most common techniques hackers use to access secure information from web servers to carry out illegitimate activities. This hacking technique also demonstrates how vulnerable systems are on not just the insecure ports and other firewall protected fronts, but…
Secure Password Recommendations and Research
You have a lot of things you try to keep secure, and some of them you simply have to put in other people’s hands because you can’t do it on your own (like your website *hint hint*). However, there are some things you do have…
Acunetix Publishes PCI Compliance Guide
The paper aims to help companies meet impending PCI requirements London, UK – May 30, 2007 – Businesses that rely on payment by credit cards are required to comply with the PCI security standards by September 2007. Non-compliance could result in loss of merchant…
70% of websites at immediate risk of being hacked!
Acunetix reveals latest statistics based on one year of conducting web application scans Kirkland, Washington – February 12, 2007 – Businesses and non-commercial entities have much to consider when it comes to securing their web applications and the data they keep on customers and patrons….